Ahead Partnership Limited (“Ahead Partnership”, “us”, “we” or “our”) is committed to respecting your privacy and to complying with applicable data protection and privacy laws. We will comply with the General Data Protection Regulation 2016 (GDPR) (including any UK version of GDPR that is implemented as a result of Brexit) and the Data Protection Act 2018 together with any other privacy and data protection legislation applicable to us.
We wish to help you make informed decisions, so please take a few moments to read the sections below and learn how we use your personal information.
Where any of your data is collected by Ahead Partnership, we are the controller of this data.
Why do we process your personal data?
We collect and use your personal information for a number of reasons which are described in more detail in the table below. Please review the table to understand more about how and why we process your personal data.
In submitting a job application you should be aware we may store the information you provide us for up to one year after the application deadline. We will store your information and any materials related to your application, such as interview notes, for no longer than one year following your application. This is to enable us to provide feedback following the recruitment process, field enquiries about the process and deal with any issues that may arise as a result of the process or our decision.
We may contact you if other suitable vacancies arise using the information you have provided to us. You can change your mind and withdraw such consent at any time.
If you attend an unpaid internship or work experience placement, we will store your information for up to a year following your leaving date. If you have worked with us as a paid intern your personal data will be retained in accordance with our employee retention period set out in the table below.
When will we disclose your information to others?
Social media, blogs, reviews
Any social media posts or comments you send to us publicly (on the Ahead Partnership Twitter page, for instance) will be shared under the terms of the relevant social media platform (e.g. Twitter/LinkedIn) on which they are written and could be made public. We will not share any messages you sent to us privately on social media.
Other people, not us, control these platforms. We are not responsible for this kind of sharing. We recommend you should review the terms and conditions and privacy policies of the social media platforms you use. That way, you will understand how they will use your information, what information relating to you they will place in the public domain, and how you can stop them from doing so if you wish.
Any blog, review or other posts or comments you make about us or our services on any of our blogs, reviews or user community services will be shared with all other members of that service and the public at large. Any comments you make on these services and on social media in general must be not offensive, insulting or defamatory. You are responsible for ensuring that any comments you make comply with any relevant policy on acceptable use of those services.
The grounds on which we process your information
We process your personal information in accordance with one of a number of grounds set out in GDPR. We have explained in the table below the grounds that apply to each use of your personal data and have described each relevant ground below in more detail:
We may be entitled to process your personal data on the basis that it is in our legitimate interests to do so and those interests are not outweighed by your rights and freedoms. If we intend to rely on legitimate interests we will conduct a legitimate interests assessment to ensure it is appropriate for us to do so.
We are entitled to process your personal data where we need to do so in order to fulfil our obligations under a contract we have with you.
We may process your personal data where we are legally obliged to do so.
In some limited circumstances we may ask for your consent to process your personal information. If you do not provide your consent we will not process your information for that particular purpose but we may still be entitled to process your information for other purposes, as set out in the table below. If you give you consent but subsequently withdraw it, we will stop processing your information but that will not affect any processing we carried out prior to you withdrawing your consent.
How long do we keep your information for?
To make sure we meet our legal data protection and privacy obligations, we only hold on to your information for as long as we need it for the purposes for which we acquired it in the first place, or for additional purposes agreed with your consent. Our retention period for employee and candidate data is set out in the table at the end of this policy.
Access to your Information
You can write to us at any time to obtain details of the personal information we may hold about you. Please write to: email@example.com.
You may request the following:
Many of the above points are addressed within this policy and in the appended table showing information by categories of contacts, however you may request them separately if you wish to enquire specifically about your information.
If necessary, we will take all reasonable steps to confirm your identity before providing you with details of any personal information we may hold about you.
Your right to complain about our processing
If you think we have processed your personal data unlawfully or that we have not complied with GDPR, you can report your concerns to the supervisory authority in your jurisdiction. The supervisory authority in the UK is the Information Commissioner’s Office (“ICO”). You can call the ICO on 0303 123 1113 or get in touch via other means, as set out on the ICO website – https://ico.org.uk/concerns/.
If you have any questions or would like more information about the ways in which your data is processed, please contact firstname.lastname@example.org.
We do not have an official Data Protection Officer as this is not a requirement for our organisation. However we do have a Privacy Officer overseeing data protection compliance. Our current Privacy Officer is Nicola Hara, who can be contacted at email@example.com.
What personal information we collect, how long we store it for and why we collect this information:
Six years (after termination of employment with us).
Seven years for financial data e.g. names and contact details on invoices
We will retain your name, dates of employment and job role on our systems indefinitely so that we are able to confirm your employment with us, for example as part of a reference. If you would like us to delete this information, please contact us.
One year after application deadline
Cloud storage/ software providers; to store information (on the grounds of our legitimate interests)